security-scanner_skill

Overview

This skill scans installed plugins and skills for security risks, including malicious code and malicious natural language instructions. Use the /security-scanner command to audit before installation or to inspect GitHub repositories. It detects both dangerous code patterns and deceptive or exfiltration instructions in documentation and prompts.

How this skill works

The scanner locates plugin and skill directories at user and project levels (and supports multiple agent paths) or fetches content from public GitHub URLs. It reads metadata and all relevant files, then applies semantic AI analysis and pattern checks to detect code-level threats and malicious natural-language instructions. It reports findings, skips trusted sources, and can operate in a strict --all mode that ignores trusted exclusions.

When to use it

• Before installing a third-party plugin or skill
• When auditing local skills/plugins after pulling new code
• When reviewing a public GitHub plugin or skill before use
• As part of a security review for multi-agent setups
• To verify changes after merging new skill updates

Best practices

• Run scans on both project-level and user-level paths to avoid blind spots
• Maintain a local trusted_sources config to reduce noise for known good packages
• Use --url to scan public GitHub repos before pulling code locally
• Use --all only when you want a full audit that ignores trusted exclusions
• Review both code results and natural-language findings; treat language-based risks as high priority

Example use cases

• Audit a downloaded Claude Code plugin in ~/.claude/plugins before enabling it
• Scan a project’s .claude/.codex skills directories during CI before deployment
• Fetch and analyze a skill directory from a public GitHub URL to confirm safety
• Run a user-level scan to detect malicious instructions embedded in agent system prompts
• Use --project when evaluating new skills added to a repository branch